brctl stands for Bridge Control. In Linux, this command is used to create and manipulate ethernet bridges. brctl is typically used when you have multiple ethernet networks on your servers and want to combine them and present them as one logical network.
1. Create New Ethernet Bridge using addbr
Using brctl addbr, we can create a new ethernet bridge.
In the following example, we have created three ethernet bridges on this server: dev, stage and prod.
brctl addbr dev
brctl addbr stage
brctl addbr prod
2. Display Available Ethernet Bridge using show
Using brctl show, we can view all available ethernet bridges on your server.
# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.000000000000       no
prod            8000.000000000000       no
stage           8000.000000000000       no
3. Delete Existing Ethernet Bridge using delbr
Using brctl delbr, we can delete an existing ethernet bridge.
Here we show how to delete the “stage” instance of the ethernet bridge.
brctl delbr stage
In the following show output, the “stage” ethernet bridge is no longer listed.
# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.000000000000       no
prod            8000.000000000000       no
4. Add an Interface to Existing Bridge
Using brctl addif, we can add an interface to an existing ethernet bridge.
brctl addif dev eth0
This makes eth0 a port of the bridge “dev”. All frames that arrive on eth0 are processed as if they arrived at the bridge. Also, when frames are sent out on the “dev” bridge, it will use eth0. When multiple interfaces are part of the “dev” bridge, eth0 is one of the candidates for sending outgoing frames from the bridge.
After adding the eth0 to “dev” bridge, the brctl show command will display the following.
bridge name     bridge id               STP enabled     interfaces
dev             8000.0050568954bc       no              eth0
prod            8000.000000000000       no
In the above output, the last column “interfaces” now has eth0 for the “dev” bridge.
Remember: if something goes wrong while adding eth0 to the “dev” bridge, execute the following command from the console to delete the dev bridge.
# brctl delbr dev
Also, note that if you try to add the loopback interface to the bridge, you’ll get the following invalid argument error.
# brctl addif dev lo
can't add lo to bridge dev: Invalid argument
Adding an interface that does not exist also fails:
# brctl addif dev eth2
interface eth2 does not exist!
5. Add Multiple Interfaces to Existing Bridge
In the above example, we added only one ethernet device (eth0) to the bridge.
But, the whole idea of using a bridge is to add more interfaces to the bridge.
In the following example, we are adding both eth0 and eth1 to the bridge “dev”.
# brctl addif dev eth0 eth1
As you see from the following output, for the dev bridge we see two lines. In the last column “interfaces”, we see both eth0 and eth1 for “dev” ethernet bridge.
# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.0050568954bc       no              eth0
                                                        eth1
prod            8000.000000000000       no
Basically, one network interface can be part of only one bridge. If you try to add it to another bridge, you’ll get the following error message.
# brctl addif prod eth1
device eth1 is already a member of a bridge; can't enslave it to bridge prod
6. Tracking MAC address of a Bridge
Using brctl showmacs, we can see all the learned MAC addresses of a bridge.
In the following example, two MAC addresses are currently connected to the ethernet bridge “prod”. This data keeps changing depending on what is currently connected to the bridge.
# brctl showmacs prod
port no  mac addr           is local?  ageing timer
1        00:50:56:89:54:bc  yes        0.00
2        00:60:50:46:bc:40  no         0.00
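A learned-MAC table like the one above can be checked against a list of expected devices. The following is an added example, not part of the original article: a POSIX shell function that reads brctl showmacs output and prints every non-local MAC address that is missing from an allowlist file. The function name, the allowlist format (one MAC per line, # comments allowed) and the third sample row are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: report learned MACs on a bridge that are not on an allowlist.

# unknown_macs ALLOWLIST_FILE < showmacs-output
# Prints "port mac" for each non-local entry whose MAC is not in the allowlist.
unknown_macs() {
    awk -v allow="$1" '
        BEGIN {
            # Load the allowlist: one MAC per line, case-insensitive.
            while ((getline line < allow) > 0) {
                sub(/#.*/, "", line)
                gsub(/[ \t]/, "", line)
                if (line != "") ok[tolower(line)] = 1
            }
        }
        # Data rows start with a port number; the header row does not.
        $1 ~ /^[0-9]+$/ && ($3 == "yes" || $3 == "no") {
            mac = tolower($2)
            # "is local? = yes" rows are the bridge ports themselves.
            if ($3 == "no" && !(mac in ok)) print $1, mac
        }
    '
}

# Constructed sample in the brctl showmacs layout (third row is invented).
sample_showmacs() {
    cat <<'EOF'
port no  mac addr           is local?  ageing timer
1        00:50:56:89:54:bc  yes        0.00
2        00:60:50:46:bc:40  no         0.00
2        02:00:00:aa:bb:cc  no         12.31
EOF
}

# Demo run against the constructed sample and a temporary allowlist.
allowlist=$(mktemp)
printf '%s\n' '00:60:50:46:bc:40  # constructed: expected device' > "$allowlist"
sample_showmacs | unknown_macs "$allowlist"
rm -f "$allowlist"
```

On a live system the input would come from the command itself, for example brctl showmacs prod piped into unknown_macs with the path to your own allowlist file.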
7. Set Ageing Time for Mac Address on a Bridge
In the following example, we are setting the mac address ageing time to 120 seconds on “dev” ethernet bridge.
brctl setageing dev 120
In the above, dev is the name of the bridge where we are setting this value, and 120 is the ageing time in seconds.
So, if no frame from a MAC address is seen on the “dev” bridge for 120 seconds, the bridge deletes that MAC address from the forwarding database.
8. Setup Spanning Tree on Ethernet Bridge
Using brctl stp, we can set up spanning tree on an ethernet bridge. By default, spanning tree is not enabled when we create a bridge. Spanning tree is helpful when you have multiple bridges on your network, and they can all collaborate to find the shortest path between two ethernets.
In the following example, we are turning on the spanning tree on “dev” ethernet bridge.
We can use either on or yes to enable spanning tree. So, both of the following commands do exactly the same thing.
brctl stp dev on
brctl stp dev yes
As you see from the following show output, the value in the “STP enabled” column for the “dev” bridge is now “yes”.
# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.000000000000       yes
prod            8000.000000000000       no
To turn off spanning tree on an ethernet bridge, we need to do the following:
# brctl stp dev off
# brctl show
bridge name     bridge id               STP enabled     interfaces
dev             8000.000000000000       no
prod            8000.000000000000       no
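Because spanning tree is off by default, a bridge with several ports has no loop protection until it is enabled. As an added example (not from the original article), this shell function reads brctl show output, including the continuation lines used for additional interfaces, and lists bridges that have two or more ports and STP disabled. The function name and the “lab” bridge in the sample are constructed for illustration.

```sh
#!/bin/sh
# Added example: list bridges with STP disabled and two or more member ports.

# stp_off_multiport < brctl-show-output
# Prints "bridge port_count" for every matching bridge.
stp_off_multiport() {
    awk '
        # Emit the bridge collected so far if it matches the condition.
        function report() {
            if (name != "" && stp == "no" && n >= 2) print name, n
        }
        NR == 1 { next }              # header row
        NF >= 3 {                     # new bridge: name, id, STP flag, [first port]
            report()
            name = $1; stp = $3; n = NF - 3
            next
        }
        NF == 1 { n++ }               # continuation line: one more port
        END { report() }
    '
}

# Constructed sample in the brctl show layout; "lab" is an invented bridge.
sample_show() {
    cat <<'EOF'
bridge name     bridge id               STP enabled     interfaces
dev             8000.0050568954bc       no              eth0
                                                        eth1
prod            8000.000000000000       no
lab             8000.005056895501       yes             eth2
                                                        eth3
EOF
}

# Demo run against the constructed sample.
sample_show | stp_off_multiport
```

On a live system, pipe the output of brctl show into stp_off_multiport instead of the sample.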
9. Display STP Parameter Values of a Bridge
STP stands for Spanning Tree Protocol.
Once you’ve enabled stp on your bridge, you can use showstp as shown below to view all the stp parameter values of your bridge.
The following will display the stp parameter and its current value for “dev” bridge.
# brctl showstp dev
dev
 bridge id               000a.000000000000
 designated root         000a.000000000000
 root port               0                   path cost               0
 max age                 19.99               bridge max age          19.99
 hello time              1.99                bridge hello time       1.99
 forward delay           14.99               bridge forward delay    14.99
 ageing time             299.95
 hello timer             0.00                tcn timer               0.00
 topology change timer   0.00                gc timer                0.00
 hash elasticity         4                   hash max                512
 mc last member count    2                   mc init query count     2
 mc router               1                   mc snooping             1
 mc last member timer    0.99                mc membership timer     259.96
 mc querier timer        254.96              mc query interval       124.98
 mc response interval    9.99                mc init query interval  31.24
 flags
10. Change Bridge Parameters Values
The spanning tree parameter default values for a specific bridge can be changed. You can also change other parameter values of the bridge that you created.
All of the following set commands mentioned in the table below start with brctl.
brctl setageing dev 100